Today I submitted a new app to the iTunes AppStore. As I got to the end of the registration process I realised, to my horror, that final question about “Does your app use encryption?”, which I always click “No” for was in fact “Yes” this time.
I’ve been passively following the farce regarding export of cryptographic software from the United States – despite the fact that the forbidden software is already available to basically the entire planet – but never actually been directly affected by it, until now. Illogically I just assumed by default that because I’ve never had any interest in writing cryptographic software, and my company is Canadian, this wouldn’t apply.
A bit of googling around was not as reassuring as one might hope. Apparently, it is possible to certify an application for export of cryptography in a mere eight easy steps which could take as little as a month to complete, if nothing goes wrong. All as penance for the sin of needing to access a website with an https:// prefix.
A bit more digging around revealed that in fact the process has been simplified significantly. The instructions in this link are immensely helpful, and in fact I had an “ERN” (export registration number) within an hour. Some of the steps claim that they could take as long as a week.
So now this new mystery app is sitting in the AppStore queue, waiting for “Export Compliance”, rather than usual “Review” bottleneck. If all goes well, there should be a followup blog post revealing the app itself!